Name: Detecting Lateral Movement with Open-Source Network Monitoring & MITRE ATT&CK
Start: 2024-07-02T12:00:00Z
End: 2024-07-02T12:01:01.000Z
Location: BrightTALK
Rating: 4.7

ISC2 Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embark on a foresight journey into the future of cybersecurity, highlighting key trends and innovations that are set to redefine the digital defense landscape in the year ahead. Discover how advancements in artificial intelligence will revolutionize the way security teams reduce cybersecurity risks and improve their abilities to defend against modern threats. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2025.

Top Five Cybersecurity Predictions for 2025

Die europäische Cyber-Gesetzgebung und -Verordnung prägt die nationale und europäische Cybersicherheitslandschaft und darüber hinaus auch internationale Normen. Vom Digital Operational Resilience Act (DORA) über den Cyber Resilience Act (CRA) bis hin zur Network and Information Systems Directive 2 (NIS2) und darüber hinaus – eine wachsende Zahl von Organisationen sind höheren Anforderungen an die Cybersicherheit ausgesetzt. Für die Jahre 2024 und 2025 sind viele wichtige Meilensteine geplant. Wie können wir diese Zeit optimal für unsere Vorbereitung nutzen? 
 
Nehmen Sie als Zuschaue an der online Diskussionsrunde mit unseren geschätzten Diskussionsteilnehmern teil, die Folgendes besprechen werden:
·       Überblick über die aktuelle und kommende Gesetzgebung zur Cybersicherheit mit Auswirkungen auf Europa.
·       Praktische Strategien, die Organisationen anwenden können, um ihre Cybersicherheitslage zu verbessern und sich auf die bevorstehende Umsetzung der Gesetze vorzubereiten. 
·       Erörterung wie Sicherheitsrahmen wie NIST, CIS Controls, ECSF, ISO 27001/27002 und mehr am besten genutzt können, um gesetzliche Verpflichtungen zu erfüllen und die Cyber-Resilienz von Unternehmen zu verbessern.
·       Fallstudien, die effektive Ausrichtung an gesetzlichen Anforderungen skizzieren.
 
Dieses hochaktuelle Webinar sollten Sie nicht verpassen.

Nutzung von Cyber Security Frameworks zur Vorbereitung auf kommende Cyber-Gesetzgebung wie NIS2

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a one-hour ‘crash course’ on the entire security industry, including:

- Size and growth of the security industry
- Useful vocabulary terms and buzz words
- Five types of cyberthreat actors 
- Modern cyberthreats and tactics
- Categories of security defenses
- Common security job roles
- Security industry ecosystem

Security Industry 101: A ‘Crash Course’ For Security Newbies

Infostealer malware continues to pose a significant threat to organizations and individuals alike. This webinar offers a deep dive into the world of infostealer malware, providing an overview of the current threat landscape and a closer look at notorious malware families such as Redline, Lumma, and Agent Tesla.
 
Join VMRay and ISC2 8 October 2024 at 1:00 p.m. BST as we discuss how these malware families operate, explore their capabilities, and reveal the critical clues that can be extracted from malware configurations. Join us as we walk through sandbox reports to uncover valuable intelligence from malware samples, including Command & Control (C2) details, mission IDs, and other critical indicators.
 
What we’ll cover:
• A quick look at the threat landscape for infostealer malware.
• Insights into major malware families like Redline, Lumma, and Agent Tesla.
• Practical approaches for extracting actionable intelligence from malware configurations, including C2 information and other critical details.
 
By attending this security briefing, you’ll gain insights to improve your ability to detect and respond to these specific threats. Acquiring knowledge about the current trends will also enable more proactive threat hunting.

Infostealer Malware in Focus: Extracting Hidden Intelligence

The landscape of network security is rapidly evolving. Traditional network security, once centered around securing the network itself, is being redefined in the cloud era. This webinar is designed for architects seeking to adapt their strategies to the unique challenges presented by multi-cloud environments.  

On 1 October at 1:00 p.m. BST  Corelight and ISC2 will explore:  

-The limitations of existing security approaches  

- Key considerations for modern network security beyond preventive controls, including enhanced visibility, robust threat detection & elastic scaling  

- How Open Network Detection and Response (NDR) can enhance multi-cloud security

Re-think Network Security with Cloud Transformation

Artificial intelligence (AI) has bolstered cybersecurity solutions across the board. Security teams have more ways to detect advanced threats than ever before, and organizations are much better equipped to measure and reduce their attack surfaces. However, AI also benefits cyber adversaries with improved phishing and spear phishing techniques and new methods for tricking unsuspecting victims using deepfake content spawned by generative AI. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a comprehensive analysis of AI's dual role in both fortifying and challenging modern cyber defenses. Discover who's winning the AI arms race in cybersecurity.

Impact of AI on the Cybersecurity Industry: Who's Got the Upper Hand?

The rise of AI is not all hype and frenzy. There are real implications – for productivity and competitiveness, for governance and compliance, and for security.
 
Cyber security is a principal concern for those tasked with delivering AI services. Generative AI and other AI toolkits are becoming prime attack surfaces for cyber criminals, who are both targeting AI and leveraging AI for malicious gains. It is imperative that architects and security teams unpack the massive risk surface for AI applications.
 
On 29 August 2024 at 1:00 p.m. BST, join F5 and ISC2 to gain insights into the latest strategies and technologies for safeguarding your AI infrastructure against emerging cyber threats. In this webinar, we will cover:
 
- AI app architectures: Deploying and protecting AI apps across distributed environments
- AI security issues: Addressing new threats such as prompt injection attacks, data leakage, and OWASP Top 10 for LLM Apps
- App services for AI security: Leveraging solutions such as API security, DDoS protection, and bot defence

Is Your AI Security Ready for the Perfect Storm?

Compromising end user computing devices through spear phishing attacks is frequently cited as the initial step of advanced persistent threats, often leading to data breaches. Year after year, IT security professionals cite “low security awareness among employees” as a top inhibitor to IT security’s success in CyberEdge’s annual Cyberthreat Defense Report. So, why aren’t more security teams adequately addressing this challenge? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he details five ways to invest in your company’s human firewalls.

Five Smart Ways to Invest in Your Human Firewalls

APIs are fundamental to the digital economy, serving as the bridge to modernise legacy apps. While APIs are subject to the same attacks that target web apps, API-based architectures introduce unforeseen risk from an ever-expanding ecosystem of third-party integrations.

On 30 July 2024 at 1:00 p.m. BST, join F5 and ISC2 for an in-depth discussion on the critical components of API security. We'll cover the risks associated with deploying APIs and explore how you can safeguard your APIs against potential threats and vulnerabilities.

In this webinar, we will:
• Offer practical solutions to defend against API-specific attacks and threats
• Review strategies for managing API security in multicloud environments
• Demonstrate how AI-powered API security solutions can enable secure innovation
 
Whether you're managing a single cloud or a complex multicloud architecture, this webinar will equip you with the knowledge and tools you need to stay ahead of the curve in API security.

Shielding Your APIs: Practical Tips and AI-Powered Solutions

Want to know which IT security technologies are hot and which ones are not? Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP), as he reviews key purchase insights from the 2024 Cyberthreat Defense Report. Specifically, Steve will examine which security technologies are most widely deployed and most planned for acquisition in 2024 so you can benchmark your company’s current and planned investments against your peers. Steve will review purchase intent across five key security technology categories, including:

- Network security
- Endpoint security
- Application and data security
- Security management and operations
- Emerging security technologies

The ‘Hottest’ IT Security Technologies in 2024

In the face of a rapidly evolving threat landscape, understanding attackers and proactively mitigating threats has become imperative. This technical talk delves into the symbiotic relationship between sandboxing technologies and cyber threat intelligence (CTI), emphasizing the use of dynamic malware analysis to gain a deeper understanding of attackers and fortify organizational defenses.  

On 11 July 2024  at 1:00 p.m. BST, VMRay and ISC2 will discuss: 

1. The Significance of Threat Intelligence: Exploring the fundamental reasons for CTI and its practical applications.  
2. Choosing the Right Sandbox: How to consider factors such as integration capabilities, avoiding vendor lock-in, and effective benchmarking.  
3. The Value of Indicators of Compromise: Comparing public and in-house sources, and understanding how IOCs contribute to a comprehensive understanding of threats.  
4. Maximizing the Value of Threat Intelligence: Utilizing CTI effectively, including the automation of threat data collection via platforms like MISP, and the deployment of block rules to devices such as routers and proxy servers to prevent threats from advancing.  

By the end of this session, attendees will have a clear understanding of how to integrate sandboxing technologies into their threat intelligence workflows, enabling a transition from reactive response measures to proactive defense strategies.

Understand Your Attackers: The Role of Sandboxing in Threat Intelligence

Join us for this live webinar where we’ll tell you all about newly enhanced ISC2 Online Self-Paced Certified in Governance, Risk and Compliance (CGRC) Training with AI-driven adaptive learning. Find out how this dynamic experience pinpoints areas that require focus and guides you through every stage of your personalized exam prep. You’ll study smarter, not harder and go into the CGRC exam with confidence. 

You’ll learn: 

- Why it makes training more efficient busy professionals  
- What makes it a more efficient route to exam readiness 
- How artificial intelligence tailors learning to your needs
- And much more

Wednesday July 10 at 1pm ET

Save your spot now!

New AI-Driven Adaptive Learning for Certified in Governance, Risk and Compliance

Colonial Pipeline, CNA Financial, JBS Foods, Garmin, and Travelex. All victimized by high-profile ransomware attacks. All paid ransoms. Did these companies do the right thing by paying ransoms to accelerate data and system recovery? Or are they merely funding the ransomware industry and prompting even more attacks? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2024 Cyberthreat Defense Report. In this webinar, Steve will:

- Examine disturbing ransomware trends, by country and by industry
- Evaluate key factors that go into deciding whether to pay ransoms
- Outline ways to be prepared for a successful ransomware attack
- Review technologies to help give security teams the upper hand

Ransomware Deep Dive: To Pay or Not to Pay?

Join us for a deep dive into Certified in Governance, Risk and Compliance (CGRC), the governance, risk and compliance credential from ISC2, creator of the CISSP. 

The CGRC is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance, while meeting legal and regulatory requirements. 

CGRC, a vendor-neutral cybersecurity credential, recognizes your knowledge, skills and abilities to authorize and maintain information systems within the RMF. It proves you know how to formalize processes to assess risk and establish security documentation. 

CGRC is particularly well-suited for IT, information security and cybersecurity practitioners who manage risk in information systems. It is also recommended for any practitioner involved in authorizing and maintaining information systems.

In this 60-minute live virtual session, you’ll learn:
- If CGRC is right for you
- How Official ISC2 Training flexes with your learning style
- What to expect on exam day
- How to become endorsed and maintain your certification
- Plus, more!

Plus! Get answers to your CGRC questions during the Q&A section.

Register now and begin your CGRC certification journey today!

Certified in Governance, Risk and Compliance (CGRC) Info Session

CyberEdge’s annual Cyberthreat Defense Report (CDR) has become a staple for assessing organizations’ security postures, for gauging perceptions of IT security professionals, and for ascertaining current and planned investments in IT security infrastructure. It incorporates dozens of insights from 1,200 security professionals from 17 countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s tenth-annual 2024 CDR, including:

- The percentage of organizations victimized by cyber attacks 
- The percentage of organizations victimized by ransomware attacks
- How AI helps both cybersecurity teams and cyber adversaries
- Factors that improve overall job satisfaction among security professionals
- The health of IT security budgets
- The hottest security technologies planned for acquisition

Key Insights From the 2024 Cyberthreat Defense Report

Gemäß der ISC2-Workforce-Studie arbeiten weltweit etwa 5,5 Millionen Menschen im Bereich Cybersicherheit – ein Anstieg um 9 % im Jahr 2022. Trotzdem wächst die globale Fachkräftelücke weiter: Ab 2022 stieg die Lücke um 13 % an, was 2023 zu rund 4 Millionen offenen Stellen für Cybersicherheitsexperten führte.
Diese entscheidende Berufsgruppe müsste sich nahezu verdoppeln, um alle offenen Stellen zu besetzen. Diese Zahlen verdeutlichen, dass mehr Vielfalt und Integration im Cyberbereich notwendig sind, um den Pool potenzieller Fachkräfte zu erweitern und so dem steigenden Bedarf an Cybersicherheit weltweit gerecht zu werden.
Nehmen Sie an unserer Veranstaltung teil und diskutieren Sie mit Experten und Expertinnen über die Bedeutung von Vielfalt beim Aufbau von Cyber-Resilienz:
• Entwicklung von Karrierewegen
• Herausforderungen bei der Schaffung von mehr Raum Vielfalt und damit Deckung des Bedarfs an qualifizierten Fachkräften unterschiedlichster Hintergründe
• Einfluss künstlicher Intelligenz 
• und vieles mehr

Cybersicherheit: Fachkräftemangel mit Hilfe von DEI beseitigen

Geared towards security leaders and threat analysts alike, this session focuses on the evolving threat landscape as exemplified by Pikabot – a malware/loader adept at circumventing the latest endpoint protection strategies. Our session will shed light on Pikabot's sophisticated use of indirect system calls and other evasion tactics that challenge traditional detection methods. Attendees will gain strategic insights into enhancing their security posture and staying ahead of similar threats. Commonly delivered via phishing, and used by threat actors like TA577 to provide initial access to ransomware groups, this specific malware family is worth peeling back the layers.  

 On 14 May 2024 at 1:00 p.m. BST, join VMRay and ISC2 to learn about:  

-Pikabot’s Evasion Methods: Dive into how Pikabot’s use of obfuscation complicates detection, and what this means for ongoing security operations.  

-Strategic Implications of Evasion Techniques: Understand the broader impact of Pikabot’s evasion tactics on organizational security strategies and how these can undermine significant investments in endpoint protection.  

-Future-Proofing Your Security Measures: Explore how cutting-edge, behavior-based detection systems can provide a robust defense against sophisticated malware and discuss strategies for integrating these technologies into existing security frameworks.

Catch 'Em All: Defeating Pikabot's Advanced Evasion Attempts

Lateral movement is how a cyberattack graduates from a limited breach to a data loss disaster. To cut down on attacker dwell time and reduce opportunity for lateral movement, organisations are advised to leverage the MITRE ATT&CK framework to look out for malicious actors’ TTPs, with an approach focused on visibility and explainable, evidence-based analytics. 

And to help execute this strategy, organizations can use telemetry data from open-source network analysis tools such as Zeek to capture and investigate activity across a broad set of network protocols.  

On 2 July 2024 at 1:00 p.m. BST Corelight and ISC2 will share how to make the most of MITRE ATT&CK and Zeek to: 

- Find pass the hash attacks whereby attackers authenticate without the user's cleartext password.  
- Spot attempts to gain unauthorized interactive access to workstations and servers via RDP. 
- Monitor FTP for potential transfers of malicious toolkits into your environment.

Detecting Lateral Movement with Open-Source Network Monitoring & MITRE ATT&CK

(ISC)2

ISC2

CISSP

mitre atta&ck

Information Security

Cyber Security

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Detecting Lateral Movement with Open-Source Network Monitoring & MITRE ATT&CK

Presented by

About this talk

More from this channel